Hello!,
I am reading at moodle partners websites that:
Encryption for Data Protection
Moodle protects data in two key ways:
- Data at rest: Information stored on your server is encrypted.
- Data in transit: When users login or interact with your site, that data is encrypted using HTTPS
At this point, I will like to ask how, I am finding very low information regarding to this and just to add a little light on this matter of Data at rest since the https is something I already have for long, my questions regarding would be:
If moodle by itself is providing Data at rest encryption, ¿How is doing it? Is there an standard of encryption running? Which one?
If is not being providing, how shall I implement this? in the case of data in transfer is very clear...with the https, but in the case of data at rest? Should I then encrypt the database by doing what?
I am a little bit lost in this and I have a request of a client on that, asking me how the data is being encrypted at rest and which codification I am using...AES 256, RSA 2048...
Anyone can help me please? thanks in advance...
I am using now Moodle 4.3.9